package org.springframework.security.samples.web;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.annotation.Secured;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * @author Thomas
 */
@Controller
public class MainController {

    private static Log LOG = LogFactory.getLog(MainController.class);

    @RequestMapping("/")
    public String root() {
        return "redirect:/index";
    }

    @RequestMapping("/index")
    public String index() {
        return "index";
    }

    @RequestMapping("/user/index")
    public String userIndex() {
        return "user";
    }

    @RequestMapping("/login")
    public String login() {
        return "login";
    }

    /*
    @RequestMapping("/error")
    public String error() {
        return "error";
    }
    */
    @RequestMapping("/login-error")
    public String loginError(Model model) {
        model.addAttribute("loginError", true);
        return "login";
    }

    @RequestMapping("/admin")
    //@PreAuthorize(value = "ADMIN")
    //@PreAuthorize("hasRole('ADMIN')")
    //@PreAuthorize("hasRole('ADMIN') AND hasRole('DBA')")
    @Secured({"ROLE_DBA", "ROLE_ADMIN"})
    //@PostAuthorize ("returnObject.type == authentication.name")
    public String admin() {
        LOG.info("I have access to admin page!");
        return "admin";
    }

    @RequestMapping("/checker")
    public String checker() {
        return "checker";
    }

}
